← Volver a CVEs
CVE-2022-27524
HIGH7.1
Descripcion
An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Detalles CVE
Puntuacion CVSS v3.17.1
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado4/13/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
autodesk:dwg_trueview
Debilidades (CWE)
CWE-125
Referencias
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007(psirt@autodesk.com)
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.